DockerImageUpdateAutobuild #71
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
%YAML 1.1 | |
--- | |
name: 'DockerImageUpdateAutobuild' | |
# Adapted from https://github.com/marketplace/actions/docker-image-update-checker#minimal | |
on: | |
workflow_dispatch: | |
# The trigger on 'schedule' allows to run daily. Time is in UTC declared in cron syntax. | |
# The scheduled jobs run only on the default branch. | |
schedule: | |
- cron: '37 2 * * *' | |
jobs: | |
CheckDockerImageUpdate: | |
runs-on: 'ubuntu-latest' | |
strategy: | |
matrix: | |
target: [ 'otobo-web', 'otobo-nginx-webproxy', 'otobo-nginx-kerberos-webproxy' ] | |
docker_tag: [ 'latest-10_0-autobuild', 'latest-10_1-autobuild', 'latest-11_0-autobuild' ] | |
include: | |
# the latest release for every release branch - has to be updated | |
- | |
docker_tag: 'latest-10_0-autobuild' | |
patch: 'rel-10_0_22' | |
- | |
docker_tag: 'latest-10_1-autobuild' | |
patch: 'rel-10_1_11' | |
- | |
docker_tag: 'latest-11_0-autobuild' | |
patch: 'rel-11_0_7' | |
# otobo-web uses different base images in the different release branches | |
- | |
target: 'otobo-web' | |
docker_tag: 'latest-10_0-autobuild' | |
base_image: 'perl:5.32-buster' | |
- | |
target: 'otobo-web' | |
docker_tag: 'latest-10_1-autobuild' | |
base_image: 'perl:5.36-bookworm' | |
- | |
target: 'otobo-web' | |
docker_tag: 'latest-11_0-autobuild' | |
base_image: 'perl:5.38-bookworm' | |
# otobo-nginx-kerberos-webproxy uses different dockerfiles in 10.0 and 10.1 | |
- | |
target: 'otobo-nginx-kerberos-webproxy' | |
docker_tag: 'latest-10_0-autobuild' | |
dockerfile: 'otobo.nginx-kerberos.dockerfile' | |
- | |
target: 'otobo-nginx-kerberos-webproxy' | |
docker_tag: 'latest-10_1-autobuild' | |
dockerfile: 'otobo.nginx-kerberos.dockerfile' | |
- | |
target: 'otobo-nginx-kerberos-webproxy' | |
docker_tag: 'latest-11_0-autobuild' | |
dockerfile: 'otobo.nginx.dockerfile' | |
# common info for every target; for nginx this includes the base imagie | |
- | |
target: 'otobo-web' | |
dockerfile: 'otobo.web.dockerfile' | |
context: '.' | |
repository: 'rotheross/otobo' | |
- | |
target: 'otobo-nginx-webproxy' | |
dockerfile: 'otobo.nginx.dockerfile' | |
context: 'scripts/nginx' | |
repository: 'rotheross/otobo-nginx-webproxy' | |
base_image: 'nginx:mainline' | |
- | |
target: 'otobo-nginx-kerberos-webproxy' | |
context: 'scripts/nginx' | |
repository: 'rotheross/otobo-nginx-kerberos-webproxy' | |
base_image: 'nginx:mainline' | |
steps: | |
- name: Setting up the environment file | |
run: | | |
patch=${{ matrix.patch }} | |
docker_tag=${{ matrix.docker_tag }} | |
build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ') | |
( | |
echo "otobo_branch=${patch}" | |
echo "otobo_docker_tag=${docker_tag}" | |
echo "otobo_ref=${{ matrix.repository }}:${docker_tag}" | |
echo "otobo_base_image=${{ matrix.base_image }}" | |
echo "otobo_build_date=${build_date}" | |
) >> $GITHUB_ENV | |
- | |
name: Info | |
run: | | |
echo "Checking base image ${{ env.otobo_base_image }} of image ${{ env.otobo_ref }}" | |
- | |
# this step sets ${{ steps.check.outputs.needs-updating }} | |
name: Check whether base image was updated | |
id: check | |
uses: lucacome/docker-image-update-checker@v2 | |
with: | |
base-image: ${{ env.otobo_base_image }} | |
image: ${{ env.otobo_ref }} | |
- | |
# print the result in any case | |
name: Report the check result | |
run: | | |
echo "The OTOBO web image needs updating: ${{ steps.check.outputs.needs-updating }}" | |
- | |
name: Set up Docker Buildx | |
if: steps.check.outputs.needs-updating == 'true' | |
uses: docker/setup-buildx-action@v3 | |
- | |
name: 'check out the relevant OTOBO branch' | |
if: steps.check.outputs.needs-updating == 'true' | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.otobo_branch }} | |
- | |
# needed for build arg GIT_COMMIT | |
# can't use github.sha here as we need the commit of the checked out branch | |
name: 'get the commit SHA of the current checkout' | |
if: steps.check.outputs.needs-updating == 'true' | |
run: echo "otobo_commit=$(git log -1 '--format=format:%H')" >> $GITHUB_ENV | |
- | |
# build the image, not pushing yet, no pushing as DockerHub access is not set up yet | |
# Caching with Github Actions Cache, limited to 10 GB | |
# context: . indicates that the current checkout is used | |
name: Build | |
if: steps.check.outputs.needs-updating == 'true' | |
uses: docker/build-push-action@v6 | |
with: | |
load: true | |
context: ${{ matrix.context }} | |
file: ${{ matrix.dockerfile }} | |
pull: true | |
build-args: | | |
BUILD_DATE=${{ env.otobo_build_date }} | |
DOCKER_TAG=${{ env.otobo_docker_tag }} | |
GIT_REPO=${{ github.repositoryUrl }} | |
GIT_BRANCH=${{ env.otobo_branch }} | |
GIT_COMMIT=${{ env.otobo_commit }} | |
target: ${{ matrix.target }} | |
tags: ${{ env.otobo_ref }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- | |
# otobo_first_time hasn't run yet, so /opt/otobodockerupdatetest is still empty | |
name: Info | |
if: ${{ steps.check.outputs.needs-updating == 'true' && matrix.target == 'otobo-web' }} | |
run: | | |
docker run --rm -w /opt/otobo_install/otobo_next --entrypoint /bin/bash $otobo_ref -c "more git-repo.txt git-branch.txt git-commit.txt RELEASE | cat" | |
- | |
# login to Docker Hub only after the build | |
name: Login to Docker Hub | |
if: steps.check.outputs.needs-updating == 'true' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- | |
# finally upload to DockerHub | |
# the built image is already available in the job | |
name: Push to DockerHub | |
if: steps.check.outputs.needs-updating == 'true' | |
uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: ${{ matrix.context }} | |
file: ${{ matrix.dockerfile }} | |
pull: true | |
build-args: | | |
BUILD_DATE=${{ env.otobo_build_date }} | |
DOCKER_TAG=${{ env.otobo_docker_tag }} | |
GIT_REPO=${{ github.repositoryUrl }} | |
GIT_BRANCH=${{ env.otobo_branch }} | |
GIT_COMMIT=${{ env.otobo_commit }} | |
target: ${{ matrix.target }} | |
tags: ${{ env.otobo_ref }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max |